Ξ welcome to cryptostorm's member forums ~ you don't have to be a cryptostorm member to post here ΞΞ any OpenVPN configs found on the forum are likely outdated. For the latest, visit here or GitHub ΞΞ If you're looking for tutorials/guides, check out the new https://cryptostorm.is/#section6 Ξ

Looking for assistance with a cryptostorm connection issue? Post here & we'll help out. Also: if you're not sure where to post, do so here & we'll move things around as needed. Also: for quickest support, email our oddly calm & easygoing support reps at support@cryptostorm.is

This is a thread to collect websites / forums / etc that block CryptoStorm IPs for some reason. The CryptoStorm team will use the information collected here to get in touch with the respective owners and sort things out. So please contribute information about all IP blockades you might encounter!

Please always include the following information:

URL to the website or service that blocks you.

(if known) The exit-node cluster you were using while encountering the blockade.

DesuStrike and I have discussed the philosophical approach that cryptostorm takes to these blacklisting issues, which (as I understand it) is an approach that is dissimilar to that common nowadays in the "VPN industry."

As we've discussed elsewhere, our provisioning model doesn't rely on a constantly-churning sea of disposable, low-capacity VPS "servers" with temporary IP addresses assigned to them. Rather, we lease dedicated hardware for hosting facilities we (generally) know and have experienced previously as customers over the years we've been providing secure network service. Those machines generally have a handful (less than a dozen) of long-term-assigned IPs mapped to them (nobody actually "owns" IP addresses, apart from companies grandfathered in with their own C-class allocations back in the old days... and even those are, in theory, assignments that can be revoked by IANA/RIPE) which stay stable over the years.

We don't churn IPs, we don't "burn" IPs, and we don't rely on a big sea of IP addresses as a lazy-assed (and functionally ineffective) stand-in for a real security model, threat vector response framework, and cryptographic foundations. Sometimes our IPs do change, if we outgrow a given colo or migrate amoungst hardware instances within a given facility, and so on - but it's the exception, not the rule.

When one of our public-facing IPs (there's far more in use for non-visible testing/administration tasks than those seen by connecting clients: redundancy, daemon isolation, sysadmin interfaces, and NIC fallback provisioning, for example - in addition to virtualised networking 'pipes' when we deploy VM-based components) gets blacklisted somewhere, we contact that resource and let them know what's going on. In six years or more of following this procedure, I know of no legitimate sites that have refused to remove the blacklist (a few garbage, bottom-feeding sites - such as one whose initials sound alot like 'ED' - routinely blacklist network security services, for two primary reasons: one, they aggressively advertise low-quality "VPN services" to trick site visitors into generating affiliate revenue for them via hidden clickthrough tracking programs - "affiliate ID017," for example; two, they've been caught blackmailing site visitors with threats to expose them to public ridicule if they' don't pay money or provide other no-cost loot to the admins... this of course won't work if someone's using a real network security service, like cryptostorm or Tor, so they block those). As it's a small world out there, we often as not know someone who knows someone who knows an admin or developer at the website in question - who can then 'vouch' for cryptostorm's legitimacy.

It's sort of a throwback to the old-fashioned era of "netiquette" said in a genuine, non-ironic fashion. And it works.

Occasionally, we'll find an IP blacklisted somewhere because a previous "tenant" of that IP - before it was assigned to us - was using it in a shoddy way. That's not common, but it does happen occasionally. Again, we've had near-complete success in resolving those via simple personal communications with the admins who maintain such blacklists.

Contrariwise, here in the forum we also have a "blacklist" of known-spambot IP addresses - on rare occasions, that blacklist somehow overlaps legitimate IP-space. When that happens, we remove the block on that IP (or /24, or /16, or whatever). Simple as that. Indeed, this sort of thing goes on "behind the scenes" of well-run web resources on a daily, or even hourly, basis around the world... and has been going on or decades. It's not very glamorous, but it's part of running things well and ensuring the widest possible access to public web resources. It's what sysadmins do that's neither complex nor likely to win awards and promotions - but is nevertheless a core part of our professional role, often as not. Like I said, a bit old-school...

Anyway, if you find yourself blocked from somewhere whilst using cryptostorm, please do post a quick note here. We'll get 'round to contacting them, sooner or later. Some resources block all "anonymising" tools as a class - to "prevent fraud," or so they claim. We don't even bother trying to work with those idiots. A prime, festering example of this is a shit-assed pathetic "anti-fraud" service called MaxMind. Don't get me started...

(note that any skiddie can easily enough root a box somewhere, or just lease a little corner of a botnet, and redirect malicious traffic through "genuine" residential IPs with a few mouse-clicks and a small fraction of a bitcoin - so banning Tor and cryptostorm and other real security services to "prevent fraud" is useless security theatre designed to appeal to dumb website "managers" who have no technical skills, no experience, and no personal capability to ask someone who does and follow their advice judiciously)

I've also been interested, over the years, in providing community-available tools to help resolve inadvertent blacklist inclusions without bottlenecking on staff time availability. At the simplest level, posting a "form letter" here that members can email to blacklist-maintaining sites is a good start. From there, a dedicated email address for blacklist-related correspondence, manned by tech ops, makes sense. And a page on cryptostorm.is &/or a thread here explaining our service, our IP philosophy, our view on blanket blacklisting of network security tools, and the process for contacting cryptostorm staff in the event further discussions is required - this will be useful, I think.

We see IP management as a form of topological hygiene: ensuring our IP-space is well-run, well-managed, and well-resourced is a part of being a professional team and of being constructive members of the internet community overall. And, yeah, we're just old enough - as a team and as individuals - to still think of "the internet community" as something that matters, and exists as a class of social obligations & reciprocal dependencies.

Looks like they have a policy of blocking all known VPNs and TOR, which is pretty dumb.[/s]

UNSOLVABLE!

EDIT by DesuStrike: It is indeed blocked on all CryptoStorm-IPs I can use. They also explicitly state that there will be no exceptions for VPNs ever. What sort of honeypot-like attitude is that?! Their loss...

Does this one count? "You've Been Blacklisted from VideoSift", Rick Astley performing marvels of choreography all over the page. And I don't remember ever visiting this website before.URL: http://videosift.comNode: Montreal (70.38.46.226)

{Yes, of course this counts! We can't fix geo restriction but this is an obvious banned IP issue that can be resolved by talking.} ~DesuStrike

Either both have been resolved, or it's one of my Firefox addons that is allowing me access. (Change Referer, Dephormation, Secret Agent, FireGloves). I will try disabling them and come back here with an edit...

EDIT: Both sites loaded up with no addons enabled. Not sure what to make of this... lol

Okay, VideoSift seems to work now, which cannot be said of GBAtemp (Montreal; 198.50.119.171).

GBAtemp wrote:NOTE: we will NOT unban your particular VPN/proxy/TOR/hosting IP address. Please do not contact us for exceptions.

What a tards.

BTW, this isn't really relevant to the topic, but I think I should mention it: at least one what-is-my-IP website (namely, http://whatismyipaddress.com/) reports "198.50.119.171" as being located in Toulouse, France. That's kinda weird.

I just tried the hulu URL, and it didn't work either. Then I checked my traffic connections log and noticed it is an Akamai-based site. So I temporarily disabled my Akamai rule, reloaded and it worked. I haven't got Flash installed, so I couldn't get past the "watch an episode" section.

marzametal wrote:I just tried the hulu URL, and it didn't work either. Then I checked my traffic connections log and noticed it is an Akamai-based site. So I temporarily disabled my Akamai rule, reloaded and it worked. I haven't got Flash installed, so I couldn't get past the "watch an episode" section.

The node I am using is Chili.

Yeah that's the problem it only blocks the java.... and shows the message, the rest of the site still thinks i'm in USA

It's perhaps a year ago, I had the bad idea to buy sth in a online store and to pay with Paypal (PP) being connected on some cryptostorm exit node. It doesn't matter which one it was. I did the payment and after that my paypal account was blocked. It was a real hassle to get my account working again!

I called some PP manager in Luxembourg because I wanted to know how to avoid the problem in the future. PP asked me to sent copy of my passport, a recent bank account paper and all the scanned papers I sent was not enough, not good, not as if PP wanted them to be. *sigh*

I told the PP manager that I was connected on a VPN for security reasons and that a) this was no reason to block my account, and b) it could happen that I buy and pay sth. being on a voyage or in vacations in another country as my home adress.

PP manager told me that normally I only should use my PP account with my computer "at home" and nothing else.

I told him that the internet exists since 20 years and the interest of the internet is exactly that we can connect to our things wherever we are in the world. It is stupid to be able to use our accounts only "at home".

Nothing could be done, I spoked with a wall, PP stayed on their "rules": "Sometimes it could work, sometimes not", told the manager to me.It's an algorithm who decides whether or not to block an account. It's to protect the customers.

So I think that CS will not be able to change the "rules" of a company like PP, but I wanted to share this experience with you.

I can't send a paypal phishing mail to spoof@paypal.com, I'm connected to the Frankfurt node. I replaced my mail address with dots.After the break is the return mail.:----------------------------------------------------------------------------------

This message was created automatically by mail delivery software.

A message that you sent could not be delivered to one or more ofits recipients. This is a permanent error. The following addressfailed:

I've tried the above, plus other specific URLs found on other forums, such as "https://safelinking.net/QtY3ogf". It times out on my side without any website feedback, no errors, or 404s etc... just stops. I have tried to browse these links in both IE and FF, both with and without addons/extensions. I have also tried this in FF with a new profile via "firefox -p" but still nothing. This has been performed on CS Germany, Russia and France (cannot remember which exit node).

"Based on your IP address, we noticed you are trying to access Hulu through an anonymous proxy tool. Hulu is not currently available outside the U.S. If you're in the U.S., you'll need to disable your anonymizer to access videos on Hulu.

If you think you're receiving this message in error, please submit this form."

I've tried the above, plus other specific URLs found on other forums, such as "https://safelinking.net/QtY3ogf". It times out on my side without any website feedback, no errors, or 404s etc... just stops. I have tried to browse these links in both IE and FF, both with and without addons/extensions. I have also tried this in FF with a new profile via "firefox -p" but still nothing. This has been performed on CS Germany, Russia and France (cannot remember which exit node).

Was a false positive... as confirmed by staff on chat...Turns out safelinking is similar to mega, in that it requires dom.storage access.

When using Cryptostorm, a download from share-online(.)biz isn't possible.Waiting for the captcha to be verified works, and after that the 2nd countdown works too, but when the actual download starts, it times-out while connecting to their servers.

If I try to report a phishing mail to Paypal to their spoof@paypal.com (via forwarding it), it doesn't get delivered.I can only send it without Crypostorm IP, using my real ISP IP.)

[EDIT: weird, normally it works with the real IP, but now even that failed too.]

This is the return message:

This message was created automatically by mail delivery software.

A message that you sent could not be delivered to one or more ofits recipients. This is a permanent error. The following address(es)failed:

spoof@paypal.com:SMTP error from remote server for GREETING command, host: mx2.paypalcorp.com (173.224.161.141) reason: 554-mx2.paypalcorp.com554 Your access to this mail system has been rejected due to the sending MTA's poor reputation. If you believe that this failure is in error, please contact the intended recipient via alternate means.

Sucuri WebSite Firewall - CloudProxy - Access DeniedWhat is going on?You are not allowed to access the requested page. If you are the site owner, you can whitelist your IP using this procedure: https://kb.sucuri.net/cloudproxy/Whitel ... listing-IP. If you are not the owner of the web site, you can contact us at cloudproxy@sucuri.net. Also make sure to include the block details (displayed below), so we can better troubleshoot the error.Block details

Site: https://tools.ietf.org/Node: Canada East (167.114.84.133)Error: ForbiddenYou don't have permission to access / on this server.Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.Apache/2.2.22 (Debian) Server at tools.ietf.org Port 443